CVE-2013-6438 - The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before

CVE-2013-6438

Summary

The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.

References

Vulnerable Configurations

cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.15-60:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.15-60:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.2.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*

CVSS

Base:	5.0 (as of 14-09-2022 - 18:40)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

redhat via4

rpms

httpd-0:2.2.3-85.el5_10
httpd-debuginfo-0:2.2.3-85.el5_10
httpd-devel-0:2.2.3-85.el5_10
httpd-manual-0:2.2.3-85.el5_10
mod_ssl-1:2.2.3-85.el5_10
httpd-0:2.2.15-30.el6_5
httpd-debuginfo-0:2.2.15-30.el6_5
httpd-devel-0:2.2.15-30.el6_5
httpd-manual-0:2.2.15-30.el6_5
httpd-tools-0:2.2.15-30.el6_5
mod_ssl-1:2.2.15-30.el6_5
httpd-0:2.2.22-27.ep6.el5
httpd-0:2.2.22-27.ep6.el6
httpd-debuginfo-0:2.2.22-27.ep6.el5
httpd-debuginfo-0:2.2.22-27.ep6.el6
httpd-devel-0:2.2.22-27.ep6.el5
httpd-devel-0:2.2.22-27.ep6.el6
httpd-manual-0:2.2.22-27.ep6.el5
httpd-manual-0:2.2.22-27.ep6.el6
httpd-tools-0:2.2.22-27.ep6.el5
httpd-tools-0:2.2.22-27.ep6.el6
mod_ssl-1:2.2.22-27.ep6.el5
mod_ssl-1:2.2.22-27.ep6.el6
httpd-0:2.2.22-27.ep6.el5
httpd-0:2.2.22-27.ep6.el6
httpd-debuginfo-0:2.2.22-27.ep6.el5
httpd-debuginfo-0:2.2.22-27.ep6.el6
httpd-devel-0:2.2.22-27.ep6.el5
httpd-devel-0:2.2.22-27.ep6.el6
httpd-tools-0:2.2.22-27.ep6.el5
httpd-tools-0:2.2.22-27.ep6.el6
mod_ssl-1:2.2.22-27.ep6.el5
mod_ssl-1:2.2.22-27.ep6.el6

refmap via4

apple	APPLE-SA-2014-10-16-1 APPLE-SA-2015-04-08-2
bid	66303
bugtraq	20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
confirm	http://advisories.mageia.org/MGASA-2014-0135.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/util.c?r1=1528718&r2=1556428&diff_format=h http://www-01.ibm.com/support/docview.wss?uid=swg21669554 http://www-01.ibm.com/support/docview.wss?uid=swg21676091 http://www-01.ibm.com/support/docview.wss?uid=swg21676092 http://www.apache.org/dist/httpd/CHANGES_2.4.9 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html http://www.vmware.com/security/advisories/VMSA-2014-0012.html https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in1 https://httpd.apache.org/security/vulnerabilities_24.html https://puppet.com/security/cve/cve-2013-6438 https://support.apple.com/HT204659 https://support.apple.com/kb/HT6535
fulldisc	20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
gentoo	GLSA-201408-12
hp	HPSBUX03102 HPSBUX03150 SSRT101681
mlist	[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
secunia	58230 59315 59345 60536
ubuntu	USN-2152-1

Last major update

14-09-2022 - 18:40

Published

18-03-2014 - 05:18

Last modified

14-09-2022 - 18:40